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1 This action is in response to the communication filed on 6/19/2008. 

2 DETAILED ACTION 

3 Response to Arguments 

4 Applicant's arguments filed 6/19/2008 have been fiiUy considered but they are not 

5 persuasive. 

6 The appUcants argue primarily that Tan did not teach or suggest dynamically maintaining 



7 a balance between security level and processing speed. The examiner does not find this 

8 argument persuasive. First, after reviewing the instant specification, the only support for this 

9 newly claimed limitation that the examiner can find is a brief mention in the background of the 

10 invention that states that "how to find the balance between security level and processing speed is 

11 an important topic in the industry". The remainder of the specification is silent as to "processing 

12 speed", and rather only discusses dynamically selecting encryption algorithm module 

13 combinations. Second, Tan disclosed controlling the speed of encryption by using combinations 

14 of simple encryption modules which are dynamically selected. This meets the limitation of the 

1 5 claim language. Further, in response to applicant's argument that the references fail to show 

1 6 certain features of applicant's invention, it is noted that the features upon which applicant relies 

17 (i.e., use of complex algorithms; use of conventional algorithms) are not recited in the rejected 

18 claim(s). Although the claims are interpreted in light of the specification, limitations from the 

19 specification are not read into the claims. See In re Van Geuns, 988 F.2d 1 181, 26 

20 USPQ2d 1057 (Fed. Cir. 1993). 

2 1 All objections and rejections not set forth below have been withdrawn. 

22 Claims 1-39 have been examined. 
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1 Title 

2 The title of the invention is acceptable. 

3 Claim Rejections - 35 USC § 102 

4 The following is a quotation of the appropriate paragraphs of 35 U.S. C. 102 that form the 

5 basis for the rejections under this section made in this Office action: 

6 A person shall be entitled to a patent unless - 

1 (e) the invention was described in (1) an application for patent, published under section 

8 122(b), by another filed in the United States before the invention by the applicant for patent or 

9 (2) a patent granted on an application for patent by another filed in the United States before the 

10 invention by the applicant for patent, except that an international application filed under the 

1 1 treaty defined in section 351(a) shall have the effects for purposes of this subsection of an 

12 application filed in the United States only if the international application designated the United 

13 States and was published under Article 21(2) of such treaty in the English language. 
14 

15 Claims 1,9, 11, and 29-36 are rejected under 35 U.S.C. 102(e) as being anticipated by 

1 6 Tan (US Patent Number 6,490,353). 

17 Regarding claim 7, Tan disclosed a data encryption method, the method comprising: 



1 8 constructing encryption definition data containing a plurality of encryption algorithm module 

19 indicators (See Tan Col. 8 Lines 15-24); inputting digital data to be encrypted (See Tan Col. 8 

20 Lines 38-54); from the encryption definition data, selecting at random an encryption algorithm 

21 module indicator (See Tan Col. 10 Lines 37-55); with the selected encryption algorithm module 

22 indicator as a guide, controlling encryption processing of the inputted digital data (See Tan Col. 

23 10 Lines 37-55), wherein the selected encryption algorithm module indicator dynamically 

24 maintains a balance between security level and processing speed (See Tan Col. 10 Lines 37-55); 

25 and appending decryption information to the digital data that has undergone encryption 

26 processing for subsequent output (See Tan Col. 4 Lines 7-23). 
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1 Regarding claim 9, Tan disclosed that the constructed encryption definition data includes 

2 a plurality of encryption algorithm module combinations, each of the encryption algorithm 

3 module combinations including an encryption algorithm module indicator and an authentication 

4 algorithm module indicator, an encryption algorithm module combination being selected at 

5 random from the retrieved encryption definition data, the selected encryption algorithm module 

6 combination being used as a guide for controlling encryption processing, including the type of 

7 encryption and the type of authentication, of the inputted digital data (See Tan Col. 7 Lines 13- 

8 25). 

9 Regarding claim 1 1 , Tan disclosed a data encryption method, the method comprising the: 

10 constructing an encryption module database for storing a plurality of entries of records of data, 

1 1 each of the entries of records containing an encryption algorithm module indicator and an 

12 authentication algorithm module indicator (See Tan Col. 7 Lines 13-25 and Col. 8 Lines 15-24); 

13 constructing encryption definition data which includes a plurality of encryption module database 

14 indexes (See Tan Col. 8 Lines 15-24); inputting digital data to be encrypted(See Tan Col. 8 Lines 

15 38-54); from the encryption definition data, selecting at random an encryption module database 

16 index (See Tan Col. 10 Lines 37-55); according to the retrieved encryption module database 

17 index, selecting an entry of record from the encryption module database (See Tan Col. 10 Lines 

1 8 37-55); with the selected entry of record as a guide, controlling encryption processing, including 

19 the type of encryption and the type of authentication, of the inputted digital data (See Tan Col. 

20 10 Lines 37-55) , wherein the selected encryption algorithm module indicator dynamically 

21 maintains a balance between security level and processing speed (See Tan Col. 10 Lines 37-55); 
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1 and appending decryption information to the digital data that has undergone encryption for 

2 subsequent output (See Tan Col. 4 Lines 7-23). 

3 Regarding claim 29, Tan disclosed a data decryption method, the method comprising: 

4 inputting digital data to be decrypted (See Tan Col. 10 Line 64 - Col. 1 1 Line 4); inspecting to 

5 determine whether the digital data includes a decryption algorithm module indicator and, upon 

6 an affirmative determination, retrieving the decryption algorithm module indicator and, upon a 

7 negative determination, setting the data to be decrypted as equivalent to inputted data for 

8 subsequent processing (See Tan Col. 13 Lines 4-39 and Col. 8 Lines 3-6); with the retrieved 

9 decryption algorithm module indicator as a guide, controlling decryption processing of the 

10 inputted digital data (See Tan Col. 13 Lines 4-39) , wherein the retrieved decryption algorithm 

1 1 module indicator dynamically maintains a balance between security level and processing speed 

12 (See Tan Col. 10 Lines 37-55); and outputting the digital data that has undergone decryption 

13 (See Tan Col. 13 Lines 4-39). 

14 Regarding claim 3 1 , Tan disclosed a data decryption method, the method comprising: 

1 5 constructing a decryption module database for storing a plurality of entries of records of data, 

1 6 each of the entries of records being a decryption algorithm module indicator (See Tan Col. 4 

17 Lines 7-23); inputting digital data to be decrypted (See Tan Col. 10 Line 64 - Col. 1 1 Line 4); 

1 8 inspecting to determine whether the digital data includes a decryption module database index 

19 and, upon an affirmative determination, retrieving the decryption module database index or, 

20 upon a negative determination, setting the data to be decrypted as equivalent to inputted data for 

21 subsequent processing (See Tan Col. 13 Lines 4-39 and Col. 8 Lines 3-6); with the retrieved 

22 decryption module database index as a guide, selecting an entry of record from the decryption 
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1 module database (See Tan Col. 13 Lines 4-39); with the selected entry of record as a guide, 

2 controlling decryption processing of the inputted digital data (See Tan Col. 13 Lines 4-39) , 

3 wherein the retrieved decryption algorithm module indicator dynamically maintains a balance 

4 between security level and processing speed (See Tan Col. 10 Lines 37-55); and outputting the 

5 digital data that has undergone decryption (See Tan Col. 13 Lines 4-39). 

6 Regarding claim 33, Tan disclosed a data decryption apparatus, the apparatus having an 

7 input portion for input of data and an output portion for output of data after decryption 

8 processing thereof (See Tan Col. 10 Line 64 - Col. 1 1 Line 4), the apparatus fiirther comprising: 

9 an inspecting portion for inspecting whether the data inputted via the input portion includes a 

10 decryption algorithm module indicator and, upon an affirmative inspection result, retrieving the 

1 1 decrj^tion algorithm module indicator or, upon a negative inspection result, transmitting the 

12 inputted data directly to the ou^ut portion (See Tan Col. 13 Lines 4-39 and Col. 8 Lines 3-6); 

13 and a decryption processing portion for controlling decryption processing of the inputted digital 

14 data using the decryption algorithm module indicator retrieved by the inspecting portion as a 

15 guide (See Tan Col. 13 Lines 4-39) , wherein the retrieved decryption algorithm module 

1 6 indicator dynamically maintains a balance between security level and processing speed (See Tan 

17 Col. 10 Lines 37-55). 

18 Regarding claims 30, 32, and 34, Tan disclosed that the inspecting portion inspects 

1 9 whether the data inputted via the input port ion includes a decryption algorithm module 

20 combination, the decrj^tion algorithm module combination including a decryption algorithm 

2 1 module indicator and an authentication algorithm module indicator, and, upon an affirmative 

22 determination, retrieves the decryption algorithm module combination or, upon a negative 
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1 determination, transmitting directly the inputted data to the output portion, the decryption 

2 processing portion controlling the decryption processing, including the type of decryption and 

3 the type of authentication, of the inputted digital data using the decryption algorithm module 

4 indicator retrieved by the inspecting portion as a guide (See Tan Col. 7 Lines 13-25). 

5 Regarding claim 35, Tan disclosed a decryption module database for storing a plurality of 

6 entries of records of data, each of the entries of records containing a decryption algorithm 

7 module indicator, the inspecting portion inspecting whether the data inputted via the input 

8 portion includes a decryption module database index and, upon an affirmative inspection result, 

9 retrieving the decryption module database index and further retrieving an entry of record from 

10 the decryption module database using the index and, upon a negative inspection result, directly 

1 1 transmitting the inputted data to the output portion, the decryption processing portion controlling 

1 2 the decryption processing of the inputted digital data using the entry of record retrieved by the 

13 inspecting portion as a guide (See Tan Col. 4 Lines 7-23 and Col. 13 Lines 4-39). 

14 Regarding claim 36, Tan disclosed that the decryption module database stores a plurality 

1 5 of entries of records of data, each of the entries of records containing a decryption algorithm 

1 6 module indicator and an authentication algorithm module indicator, the decryption processing 

17 portion controlling decryption processing, including the type of decryption and the type of 

1 8 authentication, using the entry of record retrieved by the inspecting portion as a guide (See Tan 

19 Col. 7 Lines 13-25). 
20 

21 
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1 Claim Rejections - 35 USC § 103 

2 The following is a quotation of 35 U.S. C. 103(a) which forms the basis for all 

3 obviousness rejections set forth in this Office action: 

4 A patent may not be obtained though the invention is not identically disclosed or 

5 described as set forth in section 102 of this title, if the differences between the subject matter 

6 sought to be patented and the prior art are such that the subject matter as a whole would have 

7 been obvious at the time the invention was made to a person having ordinary skill in the art to 

8 which said subject matter pertains. Patentability shall not be negatived by the manner in which 

9 the invention was made. 
10 

11 

12 Claims 1,3,5, 13-15, 18, 20, 22, 25, 28, and 37-38 are rejected under 35 U.S.C. 103(a) as 

13 being unpatentable over Tan (US Patent Number 6,490,353). 

14 Regarding claim 1, Tan disclosed a data encryption method (See Tan Fig. 13), the 



15 method comprising: constructing a security class database for storing a plurality of entries of 

16 records of data (See Tan Col. 8 Lines 18-24 pool of securithms), each of the entries of records 

17 including a corresponding encryption definition field, the encryption definition field including a 

18 plurality of encryption algorithm module indicators (See Tan Col. 7 Line 65 - Col. 8 Line 37); 

19 inputting digital data to be encrypted (See Tan Col. 8 Lines 38-54); fi-om the security class 

20 database, retrieving the corresponding encryption definition data (See Tan Col. 8 Lines 15-25 

21 Library); from the retrieved encryption definition data, selecting at random an encryption value 

22 related to an algorithm module indicator (See Tan Col. 10 Lines 37-55); with the selected 

23 encryption algorithm module indicator as a guide, controlling encryption processing of the 

24 inputted digital data (See Tan Col. 10 Lines 37-55) , wherein the selected encryption algorithm 

25 module indicator dynamically maintains a balance between security level and processing speed 

26 (See Tan Col. 10 Lines 37-55); and appending decryption information to the digital data that has 
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1 undergone encryption processing for subsequent output (See Tan Col. 4 Lines 7-23), but Tan 

2 failed to disclose each record also including a data attribute description field; or finding a data 

3 attribute description that matches attribute of the digital data. However, Tan did disclose that the 

4 choice of complexity of the securithms might be determined by the user based on the security 

5 and sensitivity level of the data in part, or in whole, purpose of the communication, or other 

6 factors or policies, and that depending on the requirements of the application, users, or poUcy a 

7 library of the securithms fi-om the pool are arbitrarily selected (See Tan Col. 8 Lines 15-25). 

8 It would have been obvious to the ordinary person skilled in the art at the time of 

9 invention to have included an indication of the complexity level of each securithm in the pool. 

1 0 This would have been obvious because the ordinary person skilled in the art would have been 

1 1 motivated to allow the system to easily identify the complexity of each securithm when 

12 determining which securithms were complex enough for the policy regarding the data being 

13 encrypted. 

14 Regarding claim 5, Tan disclosed a data encryption method, the method comprising : 

1 5 constructing an encryption module database for storing a plurality of entries of records of data, 

1 6 each of the entries of records containing an encryption algorithm module indicator and an 

17 authentication algorithm module indicator (See Tan Col. 8 Lines 18-24 pool and Col. 7 Lines 14- 

18 25); inputting digital data to be encrypted (See Tan Col. 8 Lines 38-54); finding each data 

19 attribute description that matches an attribute of the digital data, and retrieving the corresponding 

20 encrj^tion definition data (See Tan Col. 8 Lines 15-25 Library); fi-om the retrieved encryption 

21 definition data, selecting at random an encryption module database index (See Tan Col. 10 Lines 

22 37-55); according to the retrieved encr3^tion module database index, selecting an entry of 
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1 record from the encryption module database (See Tan Col. 10 Lines 37-55); with the selected 

2 entry of record as a guide, controlling encryption processing, including the type of encryption 

3 and the type of authentication, of the inputted digital data (See Tan Col. 10 Lines 37-55) , 

4 wherein the selected encryption algorithm module indicator dynamically maintains a balance 

5 between security level and processing speed (See Tan Col. 10 Lines 37-55); and appending 

6 decryption information to the digital data that has undergone encryption processing for 

7 subsequent ou^ut (See Tan Col. 4 Lines 7-23), but Tan failed to disclose constructing a security 

8 class database for storing a plurality of entries of records of data, each of the entries of records 

9 containing a data attribute description field and a corresponding encryption definition field, the 

10 encryption definition field including a plurality of encryption module database indexes. 

1 1 However, Tan did disclose that the choice of complexity of the securithms might be determined 

12 by the user based on the security and sensitivity level of the data in part, or in whole, purpose of 

13 the communication, or other factors or policies, and that depending on the requirements of the 

14 application, users, or policy a library of the securithms fi-om the pool are arbitrarily selected (See 

15 Tan Col. 8 Lines 15-25). 

16 It would have been obvious to the ordinary person skilled in the art at the time of 

17 invention to have included an indication of the complexity level of each securithm in the pool. 

1 8 This would have been obvious because the ordinary person skilled in the art would have been 

1 9 motivated to allow the system to easily identify the complexity of each securithm when 

20 determining which securithms were complex enough for the policy regarding the data being 

21 encrypted. 
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1 Regarding claim 13, Tan disclosed a data encryption method, the method comprising : 

2 constructing a security class database for storing a plurality of entries of records of data, each of 

3 the entries of records containing a corresponding encryption definition field, the encryption 

4 definition data field being an encryption algorithm module indicator (See Tan Col. 8 Lines 15- 

5 25); inputting digital data to be encrypted (See Tan Col. 8 Lines 38-54); retrieving the 

6 encryption algorithm module indicator of the corresponding encryption definition field (See Tan 

7 Col. 8 Lines 15-25); with the selected encryption algorithm module indicator as a guide, 

8 controlling encryption processing of the inputted digital data (See Tan Col. 10 Lines 37-55) , 

9 wherein the selected encryption algorithm module indicator dynamically maintains a balance 

10 between security level and processing speed (See Tan Col. 10 Lines 37-55); and appending 

1 1 decrj^tion information to the digital data that has undergone encryption processing for 

12 subsequent output(See Tan Col. 4 Lines 7-23), but Tan failed to disclose each of the entries of 

13 records containing a data attribute description field; or from the security class database, finding 

14 each data attribute description that matches an attribute of the digital data. However, Tan did 

1 5 disclose that the choice of complexity of the securithms might be determined by the user based 

16 on the security and sensitivity level of the data in part, or in whole, purpose of the 

17 communication, or other factors or policies, and that depending on the requirements of the 

1 8 application, users, or policy a library of the securithms from the pool are arbitrarily selected (See 

19 Tan Col. 8 Lines 15-25). 

20 It would have been obvious to the ordinary person skilled in the art at the time of 

2 1 invention to have included an indication of the complexity level of each securithm in the pool. 

22 This would have been obvious because the ordinary person skilled in the art would have been 
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1 motivated to allow the system to easily identify the complexity of each securithm when 

2 determining which securithms were complex enough for the policy regarding the data being 

3 encrypted. 

4 Regarding claim 15, Tan disclosed a data encryption method, the method including : 

5 constructing an encryption module database for storing a plurality of entries of records of data, 

6 each of the entries of records containing an encryption algorithm module indicator and an 

7 authentication algorithm module indicator (See Tan Col. 8 Lines 15-25); inputting digital data to 

8 be encrypted (See Tan Col. 8 Lines 38-54); retrieving the encryption module database index 

9 from the corresponding encryption definition field (See Tan Col. 8 Lines 15-25); with the 

10 retrieved encryption module database index as a guide, selecting an entry of record from the 

1 1 encrj^tion module database (See Tan Col. 8 Lines 38-54); with the selected entry of record as a 

12 guide, controlling encryption processing, including the type of encryption and the type of 

13 authentication, of the inputted digital data (See Tan Col. 8 Lines 38-54) , wherein the selected 

14 encryption algorithm module indicator dynamically maintains a balance between security level 

15 and processing speed (See Tan Col. 10 Lines 37-55); and appending decryption information to 

1 6 the digital data that has undergone encryption processing for subsequent output (See Tan Col. 4 

17 Lines 7-23) however, Tan failed to disclose constructing a security class database for storing a 

1 8 plurality of entries of records of data, each of the entries of records containing a data attribute 

19 description field and a corresponding encryption definition field, the encryption definition data 

20 field being an encrj^tion module database index; or fi-om the security class database, finding 

2 1 each data attribute description that matches attribute an of the digital data, and retrieving the 

22 encrj^tion module database index from the corresponding encryption definition field. However, 



Application/Control Number: 1 0/720,2 1 4 Page 1 3 

Art Unit: 2431 

1 Tan did disclose that the choice of complexity of the securithms might be determined by the user 

2 based on the security and sensitivity level of the data in part, or in whole, purpose of the 

3 communication, or other factors or policies, and that depending on the requirements of the 

4 application, users, or policy a library of the securithms from the pool are arbitrarily selected (See 

5 Tan Col. 8 Lines 15-25). 

6 It would have been obvious to the ordinary person skilled in the art at the time of 

7 invention to have included an indication of the complexity level of each securithm in the pool, 

8 and selecting the securithm based upon an appropriate complexity level required for the input 

9 data. This would have been obvious because the ordinary person skilled in the art would have 

10 been motivated to allow the system to easily identify the complexity of each securithm when 

1 1 determining which securithms were complex enough for the policy regarding the data being 

12 encrypted. 

13 Regarding claim 16, Tan disclosed a data encryption apparatus, the apparatus having an 

14 input portion for input of data and an output portion for output of data after encryption 

15 processing thereof, the apparatus fiirther comprising: a security class database for storing a 

16 plurality of entries of records of data, a corresponding encryption definition field, the encryption 

17 definition field including a plurality of encryption algorithm module indicators (See Tan Col. 8 

18 Lines 15-25); an attribute inspecting portion for finding from the security class database each 

19 data attribute description that matches an attribute of the digital data sent from the inspecting 

20 portion and for fransmitting the corresponding encryption definition data to a encryption 

21 selecting portion (See Tan Col. 8 Lines 15-25); the encryption selecting portion, selecting at 

22 random an encryption algorithm module indicator from the retrieved encryption definition data 
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1 (See Tan Col. 8 Lines 38-54); and an encryption processing portion for controlling encryption 

2 processing of the inputted digital data using the encryption algorithm module indicator selected 

3 by the encryption selecting portion as a guide (See Tan Col. 8 Lines 38-54) , wherein the 

4 selected encryption algorithm module indicator dynamically maintains a balance between 

5 security level and processing speed (See Tan Col. 10 Lines 37-55), but Tan failed to specifically 

6 disclose each of the entries of records containing a data attribute description field; an inspecting 

7 portion for inspecting and separating the data inputted via the input portion into parameter data 

8 or digital data; a parameter processing portion for updating the security class database with the 

9 parameter data sent from the inspecting portion. However, Tan did disclose that the choice of 

1 0 complexity of the securithms might be determined by the user based on the security and 

1 1 sensitivity level of the data in part, or in whole, purpose of the communication, or other factors 

12 or policies, and that depending on the requirements of the application, users, or policy a library 

13 of the securithms from the pool are arbitrarily selected (See Tan Col. 8 Lines 15-25). 

14 It would have been obvious to the ordinary person skilled in the art at the time of 

1 5 invention to have included an indication of the complexity level of each securithm in the pool, to 

1 6 have automatically determined the input data type and selecting the securithm based upon an 

17 appropriate complexity level required for the input data type. This would have been obvious 

1 8 because the ordinary person skilled in the art would have been motivated to allow the system to 

19 easily identify the complexity of each securithm when determining which securithms were 

20 complex enough for the policy regarding the data type being encrypted. 

21 Regarding claim 23, Tan disclosed a data encryption apparatus, the apparatus having an 

22 input portion for input of data and an output portion for output of data after encryption 
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1 processing tiiereof, the apparatus further comprising: a encryption module database for storing a 

2 plurality of entries of records of data, each of the entries of records containing an encryption 

3 algorithm module indicator (See Tan Col. 8 Lines 15-25); a encryption selecting portion for 

4 selecting at random an entry of record from the encryption module database (See Tan Col. 8 

5 Lines 38-54); and an encryption processing portion for controlling encryption processing of the 

6 inputted digital data using the entry of record selected by the encryption selecting portion as a 

7 guide (See Tan Col. 8 Lines 38-54) , wherein the selected encryption algorithm module indicator 

8 dynamically maintains a balance between security level and processing speed (See Tan Col. 10 

9 Lines 37-55), but Tan failed to specifically disclosed an inspecting portion for inspecting and 

1 0 separating the data inputted via the input portion into parameter data or digital data; a parameter 

1 1 processing portion for updating the encryption module database using the parameter data from 

12 the inspecting portion. However, Tan did disclose that the choice of complexity of the 

13 securithms might be determined by the user based on the security and sensitivity level of the data 

14 in part, or in whole, purpose of the communication, or other factors or policies, and that 

1 5 depending on the requirements of the apphcation, users, or policy a library of the securithms 

16 from the pool are arbitrarily selected (See Tan Col. 8 Lines 15-25). 

17 It would have been obvious to the ordinary person skilled in the art at the time of 

1 8 invention to have included an indication of the complexity level of each securithm in the pool, 

19 and selecting the securithm based upon an appropriate complexity level required for the input 

20 data. This would have been obvious because the ordinary person skilled in the art would have 

2 1 been motivated to allow the system to easily identify the complexity of each securithm when 
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1 determining which securithms were complex enough for the policy regarding the data being 

2 encrypted. 

3 Regarding claim 27, Tan disclosed a data encryption apparatus, the apparatus having an 

4 input portion for input of data and an output portion for output of data after encryption 

5 processing thereof, the apparatus further comprising: a security class database for storing a 

6 plurality of entries of records of data, each of the entries of records containing a corresponding 

7 encryption definition field, the encryption definition field being an encryption algorithm module 

8 indicator (See Tan Col. 8 Lines 15-25); and the encryption processing portion for controlling 

9 encryption processing of the inputted digital data using the encryption algorithm module 

10 indicator selected as a guide (See Tan Col. 8 Lines 38-54) , wherein the selected encryption 

1 1 algorithm module indicator dynamically maintains a balance between security level and 

12 processing speed (See Tan Col. 10 Lines 37-55), but Tan failed to specifically disclose a security 

13 class database for storing a plurality of entries of records of data, each of the entries of records 

14 containing a data attribute description field and an inspecting portion for inspecting and 

1 5 separating the data inputted via the input portion into parameter data or digital data; a parameter 

1 6 processing portion for updating the security class database with the parameter data fi-om the 

17 inspecting portion; an attribute inspecting portion for finding from the security class database 

1 8 each data attribute description that matches an attribute of the digital data sent from the 

19 inspecting portion and for transmitting the corresponding encryption definition data to an 

20 encrj^tion processing portion. However, Tan did disclose that the choice of complexity of the 

2 1 securithms might be determined by the user based on the security and sensitivity level of the data 

22 in part, or in whole, purpose of the communication, or other factors or policies, and that 
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1 depending on the requirements of the apphcation, users, or policy a library of the securithms 

2 from the pool are arbitrarily selected (See Tan Col. 8 Lines 15-25). 

3 It would have been obvious to the ordinary person skilled in the art at the time of 

4 invention to have included an indication of the complexity level of each securithm in the pool, 

5 and selecting the securithm based upon an appropriate complexity level required for the input 

6 data. This would have been obvious because the ordinary person skilled in the art would have 

7 been motivated to allow the system to easily identify the complexity of each securithm when 

8 determining which securithms were complex enough for the policy regarding the data being 

9 encrypted. 

10 Regarding claims 3, 14, 18, 25, and 28, Tan disclosed that the encryption definition field 

11 in the security class database constructed in step A is an encryption algorithm module 

12 combination, the encryption algorithm module combination including an encryption algorithm 

13 module indicator and an authentication algorithm module indicator, data of an encryption 

14 algorithm module combination of the corresponding encryption definition field being retrieved in 

1 5 the step C of finding from the security class database the data attribute description that matches 

16 the attribute of the digital data, the selected encryption algorithm module combination being used 

17 in step D as a guide for controlling encryption processing, including the type of encryption and 

18 the type of authentication, of the inputted digital data (See Tan Col. 7 Lines 13-25). 

19 Regarding claim 20, Tan disclosed an encryption module database for storing a plurality 

20 of entries of records of data, each of the entries of records containing an encryption algorithm 

21 module indicator and an authentication algorithm module indicator(See Tan Col. 7 Lines 13-25); 

22 the encrj^tion definition field of the security class database including a plurality of encryption 
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1 module database mdexes(See Tan Col. 8 Lines 15-25); the encrj^tion selecting portion selecting 

2 at random an encryption module database index from the retrieved encryption definition data 

3 and, according to the retrieved encryption module database index, and selecting an entry of 

4 record from the encryption module database(See Tan Col. 8 Lines 38-54); the encryption 

5 processing portion using the entry of record selected by the encryption selecting portion as a 

6 guide to control encryption processing, including the type of encryption and the type of 

7 authentication, of the inputted digital data(See Tan Col. 8 Lines 38-54), wherein the selected 

8 entry of record dynamically maintains a balance between security level and processing speed 

9 (See Tan Col. 1 0 Lines 37-55). 

1 0 Regarding claim 22, Tan disclosed that the parameter processing portion updates the 

1 1 security class database and the encryption module database using the parameter data sent from 

12 the inspecting portion (See Tan Col. 8 Lines 15-25). 

13 Regarding claim 37, Tan disclosed the claimed decryption system including inspecting 

14 whether the digital data includes a decryption module database index and, upon an affirmative 

1 5 inspection result, retrieving the decryption module database index and fiirther retrieving an entry 

1 6 of record from the decryption module database using the index and, upon a negative inspection 

17 result, directly transmitting the inputted data to the output portion (See Tan Col. 8 Lines 3-25 and 

18 Col. 13 Lines 4-39) but failed to specifically disclose a parameter processing portion for 

1 9 updating the decryption module database using parameter data, the inspecting portion inspecting 

20 and separating the data inputted via the input portion into parameter data or digital data and, if 

2 1 the inputted data is parameter data, transmitting the same to the parameter processing portion 

22 and, if the inputted data is digital data. However, Tan did disclose that the choice of complexity 



Application/Control Number: 1 0/720,2 1 4 Page 1 9 

Art Unit: 2431 

1 of the securithms might be determined by the user based on the security and sensitivity level of 

2 the data in part, or in whole, purpose of the communication, or other factors or policies, and that 

3 depending on the requirements of the apphcation, users, or policy a library of the securithms 

4 from the pool are arbitrarily selected (See Tan Col. 8 Lines 15-25). 

5 It would have been obvious to the ordinary person skilled in the art at the time of 

6 invention to have included an indication of the complexity level of each securithm in the pool, 

7 and selecting the securithm based upon an appropriate complexity level required for the input 

8 data. This would have been obvious because the ordinary person skilled in the art would have 

9 been motivated to allow the system to easily identify the complexity of each securithm when 

1 0 determining which securithms were complex enough for the policy regarding the data being 

1 1 encrypted. 

12 Regarding claim 38, Tan disclosed the decryption module database stores a plurality of 

13 entries of records of data, each of the entries of records containing a decryption algorithm 

14 module indicator and an authentication algorithm module indicator, the decrj^tion processing 

1 5 portion controlling decryption processing, including the type of decryption and the type of 

1 6 authentication, of the inputted digital data using the entry of record retrieved by the inspecting 

17 portion as a guide (See Tan Col. 7 Lines 13-25 and Col. 13 Lines 4-39). 

18 Claims 2, 4, 6, 8, 10, 12, 17, 19, 21, 24, 26, and 39 are rejected under 35 U.S.C. 103(a) as 

19 being unpatentable over Tan as applied to claims 1,5,7, 11, 16, 23, and 27 above, and further in 

20 view of Kim et al. (US Patent Number 6,499,127) hereinafter referred to as Kim. 

2 1 Tan disclosed randomly selecting one algorithm from a set of algorithms randomly and 

22 that the encrj^tion definition field in the security class database constructed in step A includes a 
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1 plurality of encryption algorithm module indicators and corresponding proportions adopted 

2 thereby (See Tan Col. 8 Lines 15-25 and Col. 9 Lines 34-40), but failed to specifically disclose 

3 an encryption algorithm module indicator being selected from the retrieved encryption definition 

4 data in step D according to each of the encryption algorithm module indicators and the 

5 corresponding proportions adopted thereby in cooperation with a random number generator and a 

6 MOD operation. 

7 Kim teaches a method for selecting a number in a range randomly comprising 

8 determining the size of the range, generating a random number, and taking the random number 

9 modulo the size of the range (See Kim Col. 23 Paragraph 1). 

1 0 It would have been obvious to the ordinary person skilled in the art at the time of 

1 1 invention to employ the teachings of Kim in the random algorithm system of Tan by selecting 

1 2 the algorithm randomly from the seed by generating a random number and then taking the 

13 random number MOD the number of entries in the seed. This would have been obvious because 

14 the ordinary person skilled in the art would have been motivated to select the algorithm 

1 5 randomly as taught by Tan. 

1 6 Regarding claim 39, Tan disclosed that the parameter processing portion updates the 

1 7 security class database and the encryption module database using the parameter data sent from 

18 the inspecting portion (See Tan Col. 8 Lines 15-25). 
19 

20 
21 
22 
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Conclusion 



2 



Claims 1-39 have been rejected. 



3 



THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 



4 



policy as set forth in 37 CFR 1.136(a). 



5 



A shortened statutory period for reply to this final action is set to expire THREE 



6 MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 

7 MONTHS of the mailing date of this final action and the advisory action is not mailed until after 

8 the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 

9 will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 

10 CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 

1 1 however, will the statutory period for reply expire later than SIX MONTHS fi-om the mailing 

12 date of this final action. 

13 Any inquiry concerning this communication or earlier communications from the 

14 examiner should be directed to MATTHEW T. HENNING whose telephone number is 

15 (571)272-3790. The examiner can normally be reached on M-F 8-4. 

16 If attempts to reach the examiner by telephone are unsuccessfiil, the examiner's 

17 supervisor, Kim Vu can be reached on (571) 272-3859. The fax phone number for the 

1 8 organization where this application or proceeding is assigned is 571-273-8300. 
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1 Information regarding the status of an application may be obtained from the Patent 

2 Application Information Retrieval (PAIR) system. Status information for published applications 

3 may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 

4 applications is available through Private PAIR only. For more information about the PAIR 

5 system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 

6 system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 

7 like assistance from a USPTO Customer Service Representative or access to the automated 

8 information system, call 800-786-9 1 99 (IN USA OR CANADA) or 57 1 -272- 1 000. 
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1 0 /Matthew T Henning/ 

1 1 Examiner, Art Unit 243 1 
12 

13 /Christopher A. Revak/ 

1 4 Primary Examiner, Art Unit 243 1 



